Understand the mechanics, risks, and the future of IMSI catching (a.k.a. stealing your cellular ID) in 2025. Read our primer on this niche form of hacking.

The GSM (better known as 2G) protocol has a security vulnerability that exposes a user’s personal identifier (IMSI) in the clear, allowing for attribution and geolocation. This vulnerability is also in the UMTS (a.k.a. 3G) spec, and in the LTE (4G) spec. While the vulnerability was finally addressed in NR (5G), it’s imperfect and remains an exploitable 5G network vulnerability… and my favorite cybersecurity topic.
How to block an IMSI catcher
There’s no way to block an IMSI catcher. The only simple thing you can do, that can have an effect, is to set your network priority to 5G-SA – but most phones don’t support this feature.

If you’re really paranoid, stay in airplane mode until you’re in a very dense coverage area. While this is far from a guarantee, IMSI catchers are more likely to be sitting in areas with compromised signal quality.

Finally, you can keep your phone in a Faraday bag, which can provide up to 100 dB of signal attenuation. GSM